Intelligent Load Balancing: Optimizing Password Recovery Across Heterogeneous Units
November 14th, 2024 by Oleg Afonin
In the latest update of Elcomsoft Distributed Password Recovery (EDPR), we’ve introduced a revamped load-balancing feature. The new feature aims to enhance resource utilization on local workstations across diverse hardware configurations. This update has drastically reduced the time required to break passwords in certain hardware configurations, thanks to a refined load distribution algorithm. In this article, we’ll share some technical details on how load balancing leverages a mix of GPUs and CPU cores.
iOS 15 Forensic Implications: Temporary iCloud Backups
August 23rd, 2021 by Oleg Afonin
One of the main problems of iCloud forensics (unknown account passwords aside) is the sporadic nature of cloud backups. Experts often find out that a given user either does not have device backups in their iCloud account at all, or only has a very old backup. This happens primarily because of Apple’s policy of only granting 5GB of storage to the users of the free tier. While users can purchase additional storage for mere 99 cents a months, very few do so. iCloud Photos, downloads and other data quickly fill up the allotted storage space, leaving no space for a fresh cloud backup.
NAS Forensics: TrueNAS Encryption Overview
August 20th, 2021 by Oleg Afonin
Established NAS manufacturers often offer some kind of encryption to their users. While anyone can use “military-grade AES-256 encryption”, the implementation details vary greatly. Synology, Asustor, and TerraMaster implement folder-based encryption, while QNAP, Thecus, and Asustor (MyAcrhive) employ full-disk encryption; the full comparison is available here. In this article, we’ll have a look at encryption methods used in TrueNAS, a system commonly used by computer enthusiasts for building custom NAS servers.
Apple Watch Forensics: The Adapters
August 18th, 2021 by Vladimir Katalov
How do you extract an Apple Watch? While several extraction methods are available, you need an adapter if you want to get the data directly from the device. There are several different options available on the market, some of them costing north of $200. We tested a large number of such adapters. How do they stand to the marketing claims? In this article, I will share my experience with these adapters.
iOS Privacy Protection Tools: Encrypted DNS, iOS 15 Private Relay, Proxy, VPN and TOR
July 28th, 2021 by Oleg Afonin
Protecting one’s online privacy is becoming increasingly more important. With ISPs selling their customers’ usage data left and right, and various apps, mail and Web trackers contributing to the pool of “anonymized” data, de-anonimyzation becomes possible with big data analysis. This was clearly demonstrated with the recent event highlighted in Catholic priest quits after “anonymized” data revealed alleged use of Grindr.
Updated Elcomsoft iOS Forensic Toolkit Simplifies macOS Installs, Fixes Corrupted File System Extraction
July 15th, 2021 by Vladimir Katalov
While we are still working on the new version of Elcomsoft iOS Forensic Toolkit featuring forensically sound and nearly 100% compatible checkm8 extraction, an intermediate update is available with two minor yet important improvements. The update makes it easier to install the tool on macOS computers, and introduces a new agent extraction option.
How to Remove Restrictions from Adobe PDF Files
July 1st, 2021 by Vladimir Katalov
Have you got an Adobe PDF file that you can open but cannot edit, print or copy selected text to the clipboard? There is an easy solution: with just a couple of clicks, the file can be unprotected. Bad news: you’ll need software. Good news: we’ve built one for you.
Elcomsoft System Recovery Simplifies Digital Field Triage and In-Field Investigations
June 17th, 2021 by Oleg Afonin
Elcomsoft System Recovery is a perfect tool for digital field triage, enabling safer and more secure in-field investigations of live computers by booting from a dedicated USB media instead of using the installed OS. The recent update added a host of features to the already great tool, making it easier to examine the file system and extract passwords from the target computer.
Analyzing Microsoft Timeline, OneDrive and Personal Vault Files
June 15th, 2021 by Oleg Afonin
Elcomsoft Phone Breaker is not just about Apple iCloud data. It can also download the data from other cloud services including Microsoft accounts. In this new version, we have added support for even more types of data, including Windows 10 Timeline, Account Activity (logins to the account), OneDrive files, recent OneDrive files history, and files from Microsoft Personal Vault. Learn about these data types and how they can help advance your investigation.
Breaking VeraCrypt: Obtaining and Extracting On-The-Fly Encryption Keys
June 3rd, 2021 by Oleg Afonin
Released back in 2013, VeraCrypt picks up where TrueCrypt left off. Supporting more encryption algorithms, more hash functions and a variable number of hash iterations, VeraCrypt is the default choice for the security conscious. VeraCrypt has no known weaknesses except one: once the encrypted disk is mounted, the symmetric, on-the-fly encryption key must be kept in the computer’s RAM in order to read and write encrypted data. A recent change in VeraCrypt made OTF key extraction harder, while the latest update to Elcomsoft Forensic Disk Decryptor attempts to counter the effect of the change. Who is going to win this round?
Password Crackers’ Gold Mine: Browser Passwords
June 1st, 2021 by Vladimir Katalov
How to break ‘strong’ passwords? Is there a methodology, a step by step approach? What shall you start from if your time is limited but you desperately need to decrypt critical evidence? We want to share some tips with you, this time about the passwords saved in the Web browsers on most popular platforms.
